Date: Tue, 19 Sep 1995 17:30:19 +1000 From: Bruce Evans <bde@zeta.org.au> To: julian@ref.tfs.com, terry@lambert.org Cc: hackers@FreeBSD.ORG Subject: Re: suspect code in 'unlink' syscall. Message-ID: <199509190730.RAA30694@godzilla.zeta.org.au>
next in thread | raw e-mail | index | archive | help
>> looking at 'unlink (2)' >> I see, >> if (vp->v_type != VDIR || >> (error = suser(p->p_ucred, &p->p_acflag)) == 0) { >Invert the test. I made this mod some time ago: > if( ( error = suser(p->p_ucred, &p->p_acflag)) == 0 || > vp->v_type != VDIR) { >This way, the error code will be set to EPERM if you are not root and the >followon code will not be executed. This way, the error code is bogusly set for non-root, so that only root can unlink anything. Also, root is bogusly recorded as having used the superuser privilege to unlink non-directories. Also, the formatting is messed up. You may have added some gotos to avoid the first bug. Bruce
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199509190730.RAA30694>